Skip to content
/ cloudskew-provisioning Public

CloudSkew's infrastructure provisioning scripts

License

MIT license
2 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

cloudskew/cloudskew-provisioning

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

.vscode

.vscode

 
 

piplines

piplines

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

Pulumi.yaml

Pulumi.yaml

 
 

README.md

README.md

 
 

helper.ts

helper.ts

 
 

index.ts

index.ts

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

resource-names.ts

resource-names.ts

 
 

tsconfig.json

tsconfig.json

 
 

Repository files navigation

Work in progress

CloudSkew's infrastructure provisioning scripts are being migrated from terraform to pulumi.

🔨 The following resources still have to be migrated:

  • Azure Function App
  • Azure Service bus
  • Azure Monitor (Action Group, Metric Alerts, App Insights)

🔧 In addition to this, we need automated provisioning for:

  • Azure Container Registry's webhook (to notify App Service)
  • Auth0 tenant

Prerequisites

Environments

CloudSkew uses two separate Azure Subscriptions to isolate its testing and production environments.

CloudSkew's Pulumi Project also uses two separate Pulumi Stacks (testing, production) to isolate deployment configs for the above environments.

Service Principals and Role Assignment

For automation, two service principals have been created in Azure Active Directory:

  • cloudskew-testing-service-principal for the testing environment.
  • cloudskew-production-service-principal for the production environment.

Both service principals have been assigned the contributor role in their respective Azure Subscriptions.

Provisioning Process

Automated Provisioning (via Azure Pipelines)

Environment Action Pipeline Status
testing setup cloudskew-setup.testing badge
testing teardown cloudskew-teardown.testing badge
production setup cloudskew-setup.production badge
production teardown cloudskew-teardown.production badge

Manual Provisioning (For Emergencies Only)

Ensure that you have Pulumi installed on your local machine and are logged in using the access token.

  1. Open a terminal window

  2. Clone this git repository locally: git clone https://github.com/cloudskew/cloudskew-provisioning.git <local folder>

  3. Navigate to the local repo

  4. Install Pulumi: curl -fsSL https://get.pulumi.com | sh

  5. Run npm install

  6. Set the following environment variables (choose one of the service principals mentioned above according to the environment to be provisioned)

    • export ARM_CLIENT_ID=REPLACE-WITH-SERVICE-PRINCIPAL-CLIENT-ID
    • export ARM_CLIENT_SECRET=REPLACE-WITH-SERVICE-PRINCIPAL-CLIENT-SECRET
    • export ARM_SUBSCRIPTION_ID=REPLACE-WITH-AZURE-SUBSCRIPTION-ID
    • export ARM_TENANT_ID=REPLACE-WITH-AZURE-TENANT-ID

  7. Choose an environment to target by running:

    • pulumi stack select testing for testing environment OR
    • pulumi stack select production for production environment

  8. run pulumi up

About

CloudSkew's infrastructure provisioning scripts

Topics

infrastructure-as-code pulumi cloudskew

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

2 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages